package com.seeyon.apps.kk.login;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.seeyon.apps.kk.manager.AdLoginManager;
import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.constants.LoginConstants;
import com.seeyon.ctp.common.constants.LoginResult;
import com.seeyon.ctp.common.exceptions.BusinessException;
import com.seeyon.ctp.common.usermapper.dao.UserMapperDao;
import com.seeyon.ctp.login.AbstractLoginAuthentication;
import com.seeyon.ctp.login.LoginAuthenticationException;
import com.seeyon.ctp.organization.bo.V3xOrgMember;
import com.seeyon.ctp.organization.manager.OrgManager;
import com.seeyon.ctp.organization.principal.PrincipalManager;

public class KkLDAPLoginAuthentication extends AbstractLoginAuthentication {

	private static final Log log = LogFactory.getLog(KkLDAPLoginAuthentication.class);

	private UserMapperDao userMapperDao;

	private PrincipalManager principalManager = null;

	private OrgManager orgManager = null;
	private AdLoginManager adLoginManager;

	public String[] authenticate(String username, String password) throws LoginAuthenticationException {
		// 采用LDAP，username即为LDAP的用户名，否则应该A8自身的用户名
		if (this.getAdLoginManager().getIsLdapEnabled()) {
			     if(this.getAdLoginManager().adLogin(username, password)){
			    	 //获取已经认证通过的用户与oa用户名的映射  			    
					try {						
						String ln=StringUtils.lowerCase(username);
						V3xOrgMember member = getOrgManager().getMemberByLoginName(ln);
						 //如果用户不存在则抛出异常
				    	 if(member!=null){
				    		 return new String[] { member.getLoginName(), password };
				    	 }else{
				    			throw new LoginAuthenticationException(LoginResult.ERROR_AD_ACCOUNT_BINDING);
				    	 } 
					} catch (BusinessException e) {
						log.info("kk:登录信息出错"+username);
						e.printStackTrace();			 
					}
			    	
			     } 
				return null;
		} else { // 采用A8本地认证，接着往下走
			return null;
		}
	}

	@Override
	public String[] authenticate(HttpServletRequest request, HttpServletResponse response)
			throws LoginAuthenticationException {
		if (!this.getAdLoginManager().getIsLdapEnabled()) {// 如果ladp没有启用直接return
			return null;
		}
		
		String username = request.getParameter(LoginConstants.USERNAME);// 用户名
		String password = request.getParameter(LoginConstants.PASSWORD);// 密码
        
		if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
			return null;
		}
		return authenticate(username, password);
	}

	/**
	 * @return the userMapperDao
	 */
	public UserMapperDao getUserMapperDao() {
		if (userMapperDao == null) {
			userMapperDao = (UserMapperDao) AppContext.getBean("userMapperDao");
		}
		return userMapperDao;
	}

	/**
	 * @return the principalManager
	 */
	public PrincipalManager getPrincipalManager() {
		if (principalManager == null) {
			principalManager = (PrincipalManager) AppContext.getBean("principalManager");
		}
		return principalManager;
	}

	/**
	 * @return the orgManager
	 */
	public OrgManager getOrgManager() {
		if (orgManager == null) {
			orgManager = (OrgManager) AppContext.getBean("orgManager");
		}
		return orgManager;
	}

	public AdLoginManager getAdLoginManager() {
		if (adLoginManager == null) {
			adLoginManager = (AdLoginManager) AppContext.getBean("kkAdLoginManager");
		}
		return adLoginManager;
	}

}
